Electronic document confidentialy and tracking system

ABSTRACT

Method and apparatus to identify document properties by use of the Internet or other networking system.

This application is a continuation of patent application Ser. No.10/919,031 that was filed on Aug. 14, 2004.

RELATED APPLICATIONS

This application claims priority under 35 USC sec. 119(e) to U.S.Provisional Application Ser. No. 60/495041, filed Aug. 14, 2003,entitled “Electronic Document Tracking System.” This application alsoclaims priority under 35 USC sec. 119(e) to U.S. Provisional ApplicationSer. No. 60/511,595, Filed Oct. 16, 2003, entitled “Electronic documenttracking system.” This application also claims priority under 35 USCsec. 119(e) to U.S. application Ser. No. 10/919,031 Filed Aug. 14, 2004,entitled “Electronic document tracking system.” The three (3)above-referenced applications are incorporated herein in their entiretyby this reference.

FIELD OF THE INVENTION

The present invention relates generally to electronic documents and asystem and method to maintain their confidentiality.

SUMMARY

Modern businesses use electronic documents and email to efficientlyconduct business. The problem this that electronic documents are easilysent anywhere in the world and once sent, the owner cannot track wherethe document goes or to whom it is sent. The document(s) could containtrade secrets or proprietary data and be sent to a competitor. Or,electronic documents can be taken from a business, person, governmententity or other without their knowledge and identifying the theft wouldbe very difficult to discover. By using the Electronic Document TrackingSystem, an owner of an electronic document can have a good probabilityof knowing where the document is in the virtual world of computers, whois accessing it and when.

BACKGROUND OF THE INVENTION

Electronic documents can contain sensitive information including tradesecrets, client lists, etc. This kind of information is imperative tothe profitability and functioning of companies, governments, etc. Todate, there is no way to automatically track when and where (a/k/a bywhom) your documents were accessed. The Electronic Document TrackingSystem is a system that overcomes that void in modern technology.

While most word processors, and other programs, have a mechanism topassword protect the document, and encryption software does exist, theseimplementations are cumbersome and sometimes require third-partysoftware. The “electronic document tracking system” incorporates anencryption mechanism to provide a secure document and ensure that thedocument is tracked. Furthermore, the encryption mechanism will notrequire third-party software or passwords that are easily lost. Instead,the encryption mechanism will work off a list of IP addresses (or otherhardware addresses that is computer specific) that are considered“secure” to the document owner.

BRIEF DESCRIPTION OF THE DRAWINGS

Not applicable.

DETAILED DESCRIPTION OF THE INVENTION

Accessing and Tracking

The method and apparatus include embedding, in the electronic document,an electronic program, script or macro that encrypts the document andcontacts the document owner's company, or a third party entity, uponaccessing the electronic document.

Upon opening the electronic document, the embedded program, script ormacro will contact the owner via electronic messaging. The contact maybe via the Internet whereby the embedded program, script or macrocontaining a specific encrypted document tracking number (i.e. placementof a VBA script in Microsoft documents) can do an HTML call via a “get”statement to the owners web site where the “get” statement requests theIP address (or other unique address specific to the computer) of themachine on which the electronic document currently exists and theunencrypted unique document number (this would result in an error in theweb servers web logs leaving behind the IP address of the computeraccessing the document and the unique unencrypted document trackingnumber.). This method will provide a web log with the details of whenand where the electronic document lies in cyberspace and who isaccessing it.

Another method is to setup a server and assign it a specific port(socket server or SOAP server) that accepts data via the Internet. Oncethe program, script or macro verifies the IP address of the computeraccessing the electronic document against the “approved IP addresslist,” the program will send a message to the sever including the IPaddress (or other hardware addresses that is computer specific) of thecomputer where the document is located in Cyberspace and the electronicdocument tracking number.

Once the encrypted electronic document has contacted the “server” theserver will verify the data passed against its database and pass back anumber that is associated with the document number to be utilized withthe “one page encryption” software [as a matter of background, one pageencryption was used by the Russians after WW2. While the One-Pageencryption algorithm is noted here, any encryption algorithm may beused]. Once the electronic document has received the One Page encryptionnumber, the document will self-decrypt and be accessible to theend-user.

The point of incorporating encryption software with a tracking system isto ensure the tracking. That is, if a person simply opened the documenton a machine that is not connected to the Internet, they could simplebypass the Internet Tracking Feature. By having the One-Page encryptionnumber given by the server, the device has built-in a guarantee that theelectronic document must contact the Tracking Server otherwise thedocument will not decrypt. The encryption also acts as additional layerof document security.

Another implementation of this methodology is for the company thatdevelops the software to develop its own database that is accessible viathe Internet. Then, the software company would contract, for a fee, withthe clients and all of the documents would contact the softwarecompany's database and the software company would be responsible fortracking access to the documents and providing access information to theelectronic document owner. The implementation of the software company'sdatabase would simply be a scalable version of the web site or uniqueport implementation used by the owner's of the electronic documents.

To embed the tracking program/script/macro, and the electronic documenttracking number, into the electronic document the user would use aprogram that allows the user to navigate his or her computer to selectthe document they want protected. Once identified, the program wouldinsert the embedded program/script/macro and unique encrypteddocument-tracking number into the electronic document. An example ofsuch an implementation would be embedding a VBA script into MicrosoftDocuments. The program, script or macro could be configured to contactthe owner's web site or the server (Socket or SOAP server) that theowner implemented at their entity (i.e. business, government, etc.).

Prior to the “navigating program” inserting the program/script/macrointo the electronic document, the “navigation program” would create anentry in the owner's database that links the documents name and where itwas to be used/sent, with a unique identifier number and a One-Pageencryption number that is associated with the document or owner.Additionally, the document owner will be prompted for “activation” and“deactivations” dates. These dates are the dates when the document willbegin to send data back to the owner or stop sending data back to theowner. After all, the electronic document might be time sensitive andthe owner may not want the reporting, or access of the document, afterone (1) year.

Another possible implementation of inserting the code into the documentis by manipulating the “templates” used by the various softwareprograms. Microsoft, WordPerfect and others use templates when startingnew documents. By inserting the encryption and tracking code needed intothese templates, the system has automated the process of inserting thecode into the document.

This same methodology and apparatus may be used in conjunction withmarketing. As electronic marketing grows, this system may be used totrack how many people read a particular piece of electronic marketingliterature. Based on the number of readers, the advertiser will know howeffective the marketing campaign is. Also, royalties and other incentivemarketing reimbursement mechanisms may be based on the “number of hits”produced by any one electronic marketing piece much like currentreimbursement schemes for the Internet's “pay per click” web pagereferral agreements.

Document Rights

If the implementation of the tracking system uses the socket or SOAPserver method of tracking, the interaction with the document may beextended. Because the electronic document can pass a message over theInternet, it can either expect or not expect a reply message. Such animplementation may be used to approve or deny access to the documentbeing viewed; or the document may be given privileges via the server(socket or SOAP server) to disallow printing of the document or otherthe document may be instructed to self-delete. While the document maynot delete or copies, the implementation will cause a greater level ofsecurity for the document.

Document Encryption

Programs like Microsoft Word and WordPerfect have password protectionbut passwords can be shared and there are programs that break passwordprotection. To add an additional layer of protection and ensuretracking, The Electronic Document Tracking System will encrypt theelectronic document. Upon accessing the document, the program, script ormacro (i.e. a Microsoft Word VBA script) would check the IP addresses inthe “allowed to access list” and compare them to the IP address (orother hardware addresses that is computer specific) of the computeraccessing the document. If they match, the program, script or macrowould contact the server (SOAP or socket server) for the One-Pageencryption number and decrypt the document.

IP Address Modual

The people with whom electronic documents are most commonly shared willknow the end user's IP address (or other hardware addresses that iscomputer specific). In the event they do not, a small program, or aprogram executed from an Internet web page, is given to the end user.The purpose of this program is to determine the IP address of thecomputer that will be receiving the document. This ensures that the IPaddress being used in the embedded code is correct.

Document Deletion Modual

A document will be set with a document deletion date. When the dateoccurs, the document will delete itself rendering it non-usable.

1. A system and apparatus that utilizes the Internet or another networking system to obtain and verify document properties. 